package com.fosun.spr.plugin.shiro;

import java.util.HashSet;
import java.util.Set;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.fosun.spr.core.base.SessionModel;
import com.fosun.spr.plugin.shiro.api.service.UucLoginService;
import com.fosun.spr.plugin.shiro.api.service.model.GetUserByLoginNoSpModel;
import com.fosun.spr.plugin.shiro.api.service.model.GetUserByLoginNoSrModel;
import com.fosun.spr.plugin.shiro.api.service.model.ListPrivilegeByUserIdSpModel;
import com.fosun.spr.plugin.shiro.api.service.model.ListPrivilegeByUserIdSrModel;

public class MyShiroRealm extends AuthorizingRealm {

	@Resource
	private UucLoginService uucLoginService;

	/**
	 * 认证信息.(身份验证) : Authentication 是用来验证用户身份
	 * 
	 * @param token
	 * @return
	 * @throws AuthenticationException
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
			throws AuthenticationException {
		System.out.println("身份认证方法：MyShiroRealm.doGetAuthenticationInfo()");

		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		String name = token.getUsername();

		GetUserByLoginNoSpModel spModel2 = new GetUserByLoginNoSpModel();
		spModel2.setLoginNo(name);
		GetUserByLoginNoSrModel srModel2 = uucLoginService.getUserByLoginNo(spModel2);
		if (srModel2 == null || srModel2.getLoginNo().trim().length() == 0) {
			throw new AccountException("帐号或密码不正确！");
		}
		if (!new String(token.getPassword()).equals(srModel2.getMiPsd())) {
			throw new AccountException("帐号或密码不正确！");
		}
		SessionModel sessionModel = new SessionModel();
		sessionModel.setUserId(srModel2.getId());

		return new SimpleAuthenticationInfo(sessionModel, srModel2.getMiPsd(), getName());

	}

	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		System.out.println("权限认证方法：MyShiroRealm.doGetAuthenticationInfo()");
		SessionModel token = (SessionModel) SecurityUtils.getSubject().getPrincipal();
 
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		Set<String> permissionSet = new HashSet<String>();
		//permissionSet.add("SPR_UUC_USER");
		
		ListPrivilegeByUserIdSpModel spModel2 = new ListPrivilegeByUserIdSpModel();
		spModel2.setUserId(token.getUserId());
		ListPrivilegeByUserIdSrModel srModel2 = uucLoginService.listPrivilegeByUserId(spModel2);
		String[] p = new String[srModel2.getPrivilege().length];
		for(int i=0,j=srModel2.getPrivilege().length;i<j;i++) {
			permissionSet.add(srModel2.getPrivilege()[i].getPrivilegeCode());
		}
		
		info.setStringPermissions(permissionSet);
		return info;
	}

}
